Secure IT Systems 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedings

This book constitutes the refereed proceedings on the 23rd Nordic Conference on Secure IT Systems, NordSec 2018, held in Oslo, Norway, in November 2018.

The 29 full papers presented in this volume were carefully reviewed and selected from 81 submissions. They are organized in topical sections named: privacy; cryptography; network and cloud security; cyber security and malware; and security for software and software development.

 

Privacy.- Privacy-preserving Distributed Economic Dispatch Protocol for Smart Grid.- Tracking Information Flow via Delayed Output: Addressing Privacy in IoT and Emailing Apps.- MixMesh Zones – Changing Pseudonyms Using Device-to-Device Communication in Mix-Zones.- AppLance: A Lightweight Approach to Detect Privacy Leak for Packed Applications.- Cryptography.- Unifying Kleptographic Attacks.- Steady: A Simple End-to-End Secure Logging System.- Revisiting Deniability in Quantum Key Exchange via Covert Communication and Entanglement Distillation.- On Security Analysis of Generic Dynamic Authenticated Group Key Exchange.- A Blockchain-Assisted Hash-Based Signature Scheme.- The Fiat-Shamir Zoo: Relating the Security of Different Signature Variants.- Verifiable Light-Weight Monitoring for Certificate Transparency Logs.- Network and Cloud Security.- CLort: High Throughput and Low Energy Network Intrusion Detection on IoT Devices with Embedded GPUs.- Detection of covert channels in TCP retransmissions.- What you can change and what you can’t: human experience in computer network defenses.- Attack simulation for a realistic evaluation and comparison of network security techniques.- Sarracenia: Enhancing the Performance and Stealthiness of SSH Honeypots using Virtual Machine Introspection.- Authorization Policies Specification and Consistency Management within Multi-Cloud Environments.- Cyber Security and Malware.- Cyber Hygiene: The Big Picture.- Estimating the Risk of Fraud against E-services.- PESTEL Analysis of Hacktivism Campaign Motivations.- Data Modelling for Predicting Exploits.- UpDroid : Updated Android Malware and Its Familial Classification.- Evaluation of Cyber Security Management of Critical Infrastructures: A Literature Review Guided by the NIST Cybersecurity Framework.- Next Generation Ransomware.- Security for Software and Software Development.- Hardware-Assisted Program Execution Integrity: HAPEI.- Protecting Instruction Set Randomization from Code Reuse Attacks.- A Uniform Information-Flow-Security Benchmark Suite for Source Code and Bytecode.- When Harry met Tinder: Security analysis of dating apps on Android.- Threat Poker: Solving Security and Privacy Threats in Agile Software Development.